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IN THE CLAIMS 

Please amend the claims as follows: 



1-6. (Cancelled). 

7. (Currently Amended) A method for authenticating a principal comprising: 
receiving an access request from a first principal for access to a second principal; 
evaluating a contract to acquire a credential for the first principal; 

transmitting the credential to the first principal for use in interacting with the second principal, 
wherein the credential includes authentication information, aggregated attributes and aggregated 
policies for use by the first principal in interacting with the second principal; Th e m e thod of 
claim 1 further comprising: 

receiving a new request from the first principal for establishing a trust relationship with 
the second principal, wherein the trust relationship is established via communications having 
public-private key pairs between the first principal and the second principal; 

determining if the trust relationship is permissible; 

receiving a dynamically generated public key from the first principal associated with a 
dynamically generated private key, the dynamically generated private key maintained by the first 
principal; and 

making the dynamically generated public key accessible to the second principal. 

8. (Original) The method of claim 7 further comprising: 

receiving from a third principal a static rooted public key associated with the second 
principal; and 

transmitting the static rooted public key to the first principal for use in interacting with 
the second principal in the trust relationship. 



9-30. (Cancelled). 
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3 1 . (New) The method of claim 7 further comprising, revoking the credential when an 
expiring event is detected. 



32. (New) The method of claim 7 further comprising: 

updating the contract in response to a permissible modification; and 
deriving a modified credential from the updated contract. 



33. (New) The method of claim 32 further comprising, transmitting the modified credential 
to the first principal for use in interacting with the second principal. 



34. (New) The method of claim 7 further comprising: 

detecting an event that renders the contract stale; and 
revoking the credential. 



35. (New) The method of claim 7 further comprising, expressing the certificate as one or 
more assertions. 



36. (New) The method of claim 7 further comprising, accessing one or more identity stores 
to acquire the authentication information, the aggregated attributes, and the aggregated policies. 

37. (New) The method of claim 36 further comprising, acquiring alias identity information 
in the credential acquired from the one or more identity stores. 



38. (New) The method of claim 7 further comprising acquiring from the aggregated policies 
definitions for operations that are permissibly performed or not permitted during interactions 
between the first and the second principal. 



